Adds private app authentication API for bibxml. Fixes #3480. Commit ready for merge.

- Legacy-Id: 19711
2021-11-25 04:26:30 +00:00 · 2021-11-25 04:26:30 +00:00 · 43513ed2f5
parent 8c697536bf
commit 43513ed2f5
5 changed files with 7 additions and 6 deletions
--- a/ietf/api/tests.py
+++ b/ietf/api/tests.py
@ -354,8 +354,8 @@ class CustomApiTests(TestCase):
        self.assertEqual(data['version'], ietf.__version__+ietf.__patch__)
        self.assertIn(data['date'], ietf.__date__)

-    def test_api_appauth_authortools(self):
-        url = urlreverse('ietf.api.views.author_tools')
+    def test_api_appauth(self):
+        url = urlreverse('ietf.api.views.app_auth')
        person = PersonFactory()
        apikey = PersonalApiKey.objects.create(endpoint=url, person=person)

--- a/ietf/api/urls.py
+++ b/ietf/api/urls.py
@ -40,8 +40,8 @@ urlpatterns = [
    url(r'^submit/?$', submit_views.api_submit),
    # Datatracker version
    url(r'^version/?$', api_views.version),
-    # Authtools API key
-    url(r'^appauth/authortools', api_views.author_tools),
+    # Application authentication API key
+    url(r'^appauth/[authortools|bibxml]', api_views.app_auth),
 ]

 # Additional (standard) Tastypie endpoints
--- a/ietf/api/views.py
+++ b/ietf/api/views.py
@ -218,7 +218,7 @@ def version(request):

@require_api_key
@csrf_exempt
-def author_tools(request):
+def app_auth(request):
    return HttpResponse(
            json.dumps({'success': True}),
            content_type='application/json')
--- a/ietf/ietfauth/tests.py
+++ b/ietf/ietfauth/tests.py
@ -655,7 +655,7 @@ class IetfAuthTests(TestCase):
            self.assertContains(r, 'Invalid apikey', status_code=403)

            # invalid apikey (invalidated api key)
-            unauthorized_url = urlreverse('ietf.api.views.author_tools')
+            unauthorized_url = urlreverse('ietf.api.views.app_auth')
            invalidated_apikey = PersonalApiKey.objects.create(
                        endpoint=unauthorized_url, person=person, valid=False)
            r = self.client.post(unauthorized_url, {'apikey': invalidated_apikey.hash()})
--- a/ietf/person/models.py
+++ b/ietf/person/models.py
@ -357,6 +357,7 @@ PERSON_API_KEY_VALUES = [
    ("/api/notify/meeting/registration", "/api/notify/meeting/registration", "Robot"), 
    ("/api/notify/meeting/bluesheet", "/api/notify/meeting/bluesheet", "Recording Manager"), 
    ("/api/appauth/authortools", "/api/appauth/authortools", None),
+    ("/api/appauth/bibxml", "/api/appauth/bibxml", None),
 ]
 PERSON_API_KEY_ENDPOINTS = sorted(list(set([ (v, n) for (v, n, r) in PERSON_API_KEY_VALUES ])))